Versions Compared

Old Version 3

changes.mady.by.user René Gielen

Saved on

compared with

New Version 4

changes.mady.by.user Lukasz Lenart

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Who should read this

All Struts 2 developers and users

Impact of vulnerability

Possible Remote Code Execution

Maximum security rating

High

Recommendation

Disable Dynamic Method Invocation if possible. Alternatively upgrade to Struts 2.3.20.2, Struts 2.3.24.2 or Struts 2.3.28.1.

Affected Software

Struts 2.03.0 20 - Struts Struts 2.3.28 (except 2.3.20.2 and 2.3.24.2)

Reporter

Nike Zheng nike dot zheng at dbappsecurity dot com dot cn

CVE Identifier

CVE-2016-3081

...